Retire many issues now released (or N/A or ignored) in all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5001 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 19 insertions, 0 deletions

diff --git a/retired/CVE-2016-7917 b/retired/CVE-2016-7917
new file mode 100644
index 00000000..78f54448
--- /dev/null
+++ b/retired/CVE-2016-7917
@@ -0,0 +1,19 @@
+Description:
+ The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does
+ not check whether a batch message's length field is large enough, which allows local users to
+ obtain sensitive information from kernel memory or cause a denial of service (infinite loop or
+ out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. 
+References:
+ http://source.android.com/security/bulletin/2016-11-01.html
+Notes:
+ carnil> Introduced in 3.19-rc5 with 9ea2aa8b7dba9e99544c4187cc298face254569f but needs double
+ carnil> check if backported.
+ bwh> It was backported to 3.16-stable as commit d922a1cee45e (among other
+ bwh> stable branches)
+Bugs:
+upstream: released (4.5-rc6) [c58d6c93680f28ac58984af61d0a7ebf4319c241]
+3.16-upstream-stable: released (3.16.40) [netfilter-nfnetlink-correctly-validate-length-of-batch-messages.patch]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.39-1) [bugfix/all/netfilter-nfnetlink-correctly-validate-length-of-bat.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"